HoTDaWg Posted June 28, 2009 Share Posted June 28, 2009 1) is there such a thing as an encryption that cannot be decrypted? :S 2) the other day i came across this site which can decrypt md5 hashes... http://md5encryption.com/ wats the point of encrypting to begin with, if it can be decrypted so easily? Quote Link to comment Share on other sites More sharing options...
.josh Posted June 28, 2009 Share Posted June 28, 2009 That site does not decrypt md5 hashes. It just encrypts things and stores the string -> hash in the database. You can then enter in a hash and it will lookup in the database if they happen to have a string that matches it. That is not decryption. Quote Link to comment Share on other sites More sharing options...
Ken2k7 Posted June 28, 2009 Share Posted June 28, 2009 I wonder what that site does on hash collisions. Would it just return the first matched row? Quote Link to comment Share on other sites More sharing options...
sKunKbad Posted June 28, 2009 Share Posted June 28, 2009 It is common to "salt" your string before hashing with MD5, sha1, or whatever you use. Salting makes sites like you have shown totally ineffective (unless the salt is something totally simple, easy & obvious). Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted June 28, 2009 Share Posted June 28, 2009 1) is there such a thing as an encryption that cannot be decrypted? :S No, encryption does by definition have an inverse function. MD5 is not encryption though. 2) the other day i came across this site which can decrypt md5 hashes... http://md5encryption.com/ wats the point of encrypting to begin with, if it can be decrypted so easily? No it doesn't. Hashing is by definition not inverse. The people who made that site don't know what they're talking about and should take a basic math course. See this topic: http://www.phpfreaks.com/forums/index.php/topic,254277.0.html Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 28, 2009 Share Posted June 28, 2009 I wonder what that site does on hash collisions. Would it just return the first matched row? I would find it extremely unlikely that there are any collisions in their database. Sites such as those use common words or phrases (and combinations of those) to build thier lookup list. If you calculated the total number of possible hashes you would find that the total number of permutations is much larger than the number of combinations of limited strings on the order of many, many magnitude. Most MD5 reverse lookups use strings that would reasonably be used as a password, i.e. up to 20+ characters). The only examples I have seen where collisions have been proved are using PDF documents with thousands upon thousands of characters in length (in the actual source code, not the PDF displayable content). Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted June 28, 2009 Share Posted June 28, 2009 That site is just a matter of common passwords stored in a database and can't decrypt anything. Here is a VERY common and EASY password run through my encryption function which partially uses md5. Can you tell me what the password is? d7f778176e7841f7067f92b393f5d0d5 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.